Well, it has stopped giving me errors for Must Understand, but still no luck on actually authenticating. It appears to get past the Timestamp processing, and then fails. Has anyone gotten a Rampart policy with AsymmetricBinding/Signature only to work properly? I would be interested in seeing your policy file.
I am seeing the following error in the logs: 2007-08-08 15:51:56,983 DEBUG org.apache.ws.security.WSSecurityEngine - Unknown Element: BinarySecurityToken http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secex t-1.0.xsd That seems like probable cause for this to fail. I looked up that error on Google, and I see a lot of references to XML Pretty Printing (which I now have disabled in my client axis2.xml, although it does not appear to have made a difference in the output) and most of those messages were using Axis 1.3, not Axis2 as I am using. The other thing I am struggling with are the X509 token types and the decryption algorithm. Is it possible to find that information on the certificate itself? I was unable to find it, but I am thinking if I were wrong that would be another reason why my signature validation would fail. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 08, 2007 8:07 AM To: [email protected] Subject: RE: Rampart error with MustUnderstand Hi, It looks like your client is set up to add a timestamp and signature, but the server has not been configured to expect them. I got the same error when I configured rampart on my client but not on my server. The Must Understand flag means: If the server doesn't understand this header element, then it must report an error rather than continue processing. cheers, Michael from sunny Ottawa > -----Original Message----- > From: Ford, Jennifer M. [mailto:[EMAIL PROTECTED] > Sent: Tuesday, August 07, 2007 6:17 PM > To: [email protected] > Subject: Rampart error with MustUnderstand > > > I have spent the last couple days trying to add Rampart to an existing > web service with Policy/Sample02 as a model. I feel like I'm close, > but I can't seem to get past the most recent error: > > 2007-08-07 16:43:12,066 DEBUG > org.apache.axis2.transport.http.AxisServlet - > org.apache.axis2.AxisFault: Must Understand check failed for header > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecu rity-secex t-1.0.xsd : Security Perhaps a stupid question, but what does the Must Understand check do exactly? And, more importantly, what might cause this problem? Thanks, Jennifer --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
